/**
* Budowanie uprawnień do formularzy
*
* @return Zend_Acl
*/
public function getAcl()
{
$oddzial = ODDZIAL_ID;
$profil = $this->getCurrentProfile();
$aclProfileId = $profil ? $profil->id : 'none';
$cm = $this->getBootstrap()->getResource('cachemanager');
$cache = $cm->getCache('rolecache');
$branch_name = is_numeric(ODDZIAL_ID) && ODDZIAL_ID > 0 ? '_' . ODDZIAL_ID : '';
if (!($this->acl = $cache->load('form_acl_profile_' . $aclProfileId . $branch_name))) {
$this->acl = new Base_Acl();
$this->_groups = $all_groups = $grupy = $this->getGroups();
$this->_roles = $all_roles = $role = $this->getRoles($profil);
foreach ($grupy as $grupa) {
$this->addAclRole($grupa, 'group');
}
$profil = $this->getCurrentProfile();
foreach ($role as $rola) {
$this->addAclRole($rola, 'role');
}
$tmp = $this->getResources(array('form', 'filter'));
$rupModel = new GroupFormResource();
$rup = $rupModel->fetchAll()->toArray();
$up = $tmp['form']->toArray();
$upArray = array();
foreach ($up as $u) {
$upArray[$u['id']] = $u;
$module = $u['module'];
$controller = $u['form_class'];
$action = $u['form_element'];
if ('*' == $controller) {
$resource = $this->buildResourceName('form', $module);
$parent = null;
} elseif ('*' == $action) {
$resource = $this->buildResourceName('form', $module, $controller);
$parent = preg_replace('/\\.[_a-zA-Z]*$/', '', $resource);
} elseif ('*' != $action and $action) {
$resource = $this->buildResourceName('form', $module, $controller, $action);
$parent = preg_replace('/\\.[_a-zA-Z]*$/', '', $resource);
}
if ($parent && !$this->acl->has($parent)) {
$this->acl->add(new Zend_Acl_Resource($parent), preg_replace('/\\.[_a-zA-Z]*$/', '', $parent));
}
if (!$this->acl->has($resource)) {
$this->acl->add(new Zend_Acl_Resource($resource), $parent);
}
}
$acl_feed = array();
foreach ($rup as $r) {
$module = $upArray[$r['id_resource']]['module'];
$controller = $upArray[$r['id_resource']]['form_class'];
$action = $upArray[$r['id_resource']]['form_element'];
$role = 'group_' . (int) $all_groups[$r['id_group']]['priority'] . "_" . $r['id_group'];
if ('*' == $controller) {
$resource = $this->buildResourceName('form', $module);
} elseif ('*' == $action) {
$resource = $this->buildResourceName('form', $module, $controller);
} elseif ('*' != $action and $action) {
$resource = $this->buildResourceName('form', $module, $controller, $action);
}
if ($r['deny']) {
$this->acl->deny($role, $resource);
} else {
$this->acl->allow($role, $resource);
}
}
/**
* Domyślnie allow na wszystkie formularze
*/
$this->acl->allow(null, 'form:default');
$rupModel = new RoleFilterResource();
$rup = $rupModel->fetchAll()->toArray();
$up = $tmp['filter']->toArray();
$upArray = array();
$resource = $this->buildResourceName('filter', 'default');
if (!$this->acl->has($resource)) {
$this->acl->add(new Zend_Acl_Resource($resource));
}
foreach ($up as $u) {
$upArray[$u['id']] = $u;
$filter = $u['id'];
$resource = $this->buildResourceName('filter', 'default', $filter);
$parent = $this->buildResourceName('filter', 'default');
if (!$this->acl->has($resource)) {
$this->acl->add(new Zend_Acl_Resource($resource), $parent);
}
}
$acl_feed = array();
foreach ($rup as $r) {
$filter = $upArray[$r['id_filter']]['id'];
$role = 'role_' . (int) $all_roles[$r['id_role']]['priority'] . '_' . $r['id_role'];
$resource = $this->buildResourceName('filter', 'default', $filter);
if ($this->acl->hasRole($role)) {
$this->acl->allow($role, $resource);
}
}
$cache->save($this->acl, 'form_acl_profile_' . $aclProfileId . $branch_name);
}
/**
* Domyślnie deny na wszystkie filtry
*/
$this->acl->deny(null, 'filter:default');
$identity = Zend_Auth::getInstance()->getIdentity();
$data = array();
$roles = array();
if (!$identity) {
$defaultRole = $this->getDefaultRole();
$data['roles'][] = $defaultRole;
} else {
if (!($data = $cache->load('user_data_' . $identity->id . '_profile_' . $aclProfileId . $branch_name))) {
$profilModel = new Profile();
$profil = $profilModel->fetchRow(array("id_user = {$identity->id}", "id_branch = {$oddzial}", 'ghost = false'));
// $profil = $this->getCurrentProfile();
if ($profil->id) {
$profil = $profil->toArray();
$profil['parents']['role'] = array();
$profil['parents']['group'] = array();
$profilRola = new ProfileRole();
$ru = $profilRola->fetchAll("id_profile = {$profil['id']}")->toArray();
foreach ($ru as $r) {
$roles[] = 'role_' . (int) $all_roles[$r['id_role']]['priority'] . '_' . $r['id_role'];
$profil['parents']['role'][] = array('id' => $r['id_role'], 'priority' => (int) $all_roles[$r['id_role']]['priority']);
}
$profilGrupa = new ProfileGroup();
$gu = $profilGrupa->fetchAll("id_profile = {$profil['id']}")->toArray();
foreach ($gu as $g) {
$roles[] = 'group_' . (int) $all_groups[$g['id_group']]['priority'] . "_" . $g['id_group'];
$profil['parents']['group'][] = array('id' => $g['id_group'], 'priority' => (int) $all_groups[$g['id_group']]['priority']);
}
$this->addAclRole($profil, 'profile');
}
$data['roles'] = $roles;
$data['profil'] = $profil;
$cache->save($data, 'user_data_' . $identity->id . '_profile_' . $aclProfileId . $branch_name);
} else {
// FROM CACHE
if ($data['profil']['id']) {
$this->addAclRole($data['profil'], 'profile');
}
}
}
return $this->acl;
}
/**
* Aktualizacja ról, które mają dostęp do filtra
*
* @param Base_Form_Abstract $form formularz z danymi do zapisania
* @param integer $id id filtra
* @return integer ilość poprawionych wierszy
*/
public function shareFilter($form, $id)
{
$model = new RoleFilterResource();
$values = $form->getValues();
$model->getAdapter()->beginTransaction();
$filters = $model->fetchAll('id_filter = ' . $id);
foreach ($filters as $filter) {
$filter->delete();
}
$ret = 0;
try {
foreach ($values as $role_id) {
$tmp = $model->createRow(array('id_filter' => $id, 'id_role' => $role_id));
$tmp->save();
$ret++;
}
$model->getAdapter()->commit();
$cm = Zend_Controller_Front::getInstance()->getParam('bootstrap')->getResource('cachemanager');
$cache = $cm->getCache('rolecache');
$cache->clean(Zend_Cache::CLEANING_MODE_ALL);
} catch (Exception $e) {
$model->getAdapter()->rollBack();
}
return $ret;
}